Re: [PATCH 0/3] MR8020: libs/ldap: Make GSS-SPNEGO SASL plugin work with LDAP server that uses Kerberos authentication.

13 May 2025


      On Tue May 13 18:54:17 2025 +0000, Dmitry Timoshkov wrote:
...
I've added a test
flags = 0;
ret = ldap_get_option(ld, LDAP_OPT_SSPI_FLAGS, &flags);
ok(!ret, "ldap_get_option error %#x\n", ret);
ok(flags == (ISC_REQ_MUTUAL_AUTH | ISC_REQ_EXTENDED_ERROR), "got SSPI
flags %08lx\n", flags);

I'll see if just requesting these flags work for LDAP over Kerberos.
Hans, could you please test them with NTLM and report back?
Probably integrity and confidentiality should be added as well, not sure why they are not part of default SSPI flags.
-- 
https://gitlab.winehq.org/wine/wine/-/merge_requests/8020#note_103189

2025

2024

2023

2022

Re: [PATCH 0/3] MR8020: libs/ldap: Make GSS-SPNEGO SASL plugin work with LDAP server that uses Kerberos authentication.